From the course: Cloud Security Considerations for Government and the Military
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Software attack vectors
From the course: Cloud Security Considerations for Government and the Military
Software attack vectors
- [Kevin] Not to be overshadowed by infrastructure, software has many crucial vulnerabilities also. In fact, the Open Web Application Security Project, or OWASP, an online community focused on web application security, has developed a risk rating methodology that can be used to rate the severity of web application vulnerabilities. This basic framework leverages the standard risk model. Risk equals likelihood times impact. By identifying risk and looking at the skill level, motive, opportunity, and size of the threat agents and attack vectors, estimating the likelihood of harm by evaluating known security weaknesses and applicable security controls and estimating the technical and business impact of an exploited vulnerability. This methodology is used to rank the severity of risk to the application so that a prioritized list of what to fix can be made. Many organizations develop a customized risk rating model by modifying…
Contents
-
-
-
Key cloud computing drivers2m 32s
-
(Locked)
Cloud computing characteristics3m 20s
-
(Locked)
Deployment models2m 53s
-
(Locked)
Service models6m 58s
-
(Locked)
IT implementation options1m 47s
-
(Locked)
Infrastructure attack vectors1m 25s
-
(Locked)
Software attack vectors2m 24s
-
(Locked)
Critical vulnerabilities3m 21s
-
-
-
-
-
-